Cryptology ePrint Archive: Report 2016/1063

Authenticated LSM Trees with Minimal Trust

Yuzhe (Richard) Tang and Ju Chen and Kai Li

Abstract: In the age of user-generated contents, the workloads imposed on information-security infrastructures become increasingly write-intensive. How- ever, existing security protocols, specifically authenticated data structures (ADSs), are historically designed based on update-in-place data structures and incur overhead when serving write-intensive workloads.

In this work, we present LPAD (Log-structured Persistent Authenticated Directory), a new ADS protocol designed uniquely based on the log-structured merge trees (LSM trees) which recently gained popularity in the design of modern storage systems. On the write path, LPAD supports streaming, non-interactive updates with constant proof from trusted data owners. On the read path, LPAD supports point queries over the dynamic dataset with polynomial proof. The key to enable this efficiency is a verifiable reorganization operation, called verifiable merge, in LPAD. Verifiable merge is secured by the execution in an enclave of trusted execution environments (TEE). To minimize the trusted computing base (TCB), LPAD places the code related to verifiable merge in enclave, and nothing else. Our implementation of LPAD on Google LevelDB codebase and on Intel SGX shows that the TCB is reduced by 20 times: The enclave size of LPAD is one thousand code lines out of more than twenty thousands code lines of a vanilla LevelDB. Under the YCSB workloads, LPAD improves the performance by an order of magnitude compared with that of existing update-in-place ADSs.

Category / Keywords: implementation / SGX, TEE, hash functions, authentication codes

Original Publication (with minor differences): SecureComm 2019

Date: received 13 Nov 2016, last revised 13 Aug 2019

Contact author: ytang100 at syr edu

Available format(s): PDF | BibTeX Citation

Version: 20190813:211520 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]